ALERT (and evidence from victim from France) : If you were client of easypay : CHANGE ALL PASSWORDS NOW if your emailaddress has the same password

I change the warning just to be sure 

because all your passwords and the way to change passwords in other services go through your principal emailaddress

this is why you should have at least an unique password for your principal emailaddress (and not one that has the same logic or words in another order as your compromised password)

you can also activate in some online mailservices the double authentification with your mobile phone (although your mobile phone is as secure as a computer was 10 years ago so I am not sure that this is real futureproof solution) 

these are two tweets that got my attention (maybe they want to show that the emailaddresses and passwords really work and give access to more than easypay which has changed its passwords lately) 

In the press is mentioned that Belgocontrol (air traffic control) wasn't compromised by this leak. We never said they were. But if your authentification is ONLY based upon passwords for login than you are now faced with a big problem to secure your access. 

some points 

* smart hackers won't pay with bitcoin because it is not totally anonymous so don't trust the fact that it isn't sold yet according to the bitcoin indexes

* I hope that easypay gave all of her clients also the very strongly worded advice to change their passwords now especially those from their email and social media and to contact the securitycell of their firm, bank or network if they use the password to access files or applications 

* securitypeople from many networks, banks and organisations will now have to block a limited number of people (if they received a list of their members who were a client with easypay and are on the 32.000 list). They can't depend on the supposition that those people - even warned - will all do the right thing in time and should block their access to the extranet, files or applications for the time being and do some research (going back 2 weeks) and decide to give a new password  

there are also french people involved so I hope that the cert and easypay have contacted the french clients, the french privacycommission and CERT to enable them to take all these measures as discribed above 

otherwise even more complaints may be coming their way and the french privacycommission has the possibility to give an administrative fine (something our new secretary of state for privacy DOES NOT WANT to do - which is nonsense because Europe will enforce this in two years).

r.marissal in France has so more possibilities of receiving a financial compensation than any Belgian victim

Rex Mundi said that as a test they have at least accessed 2 mailboxes and one CMS of a website of a firm (so all firms should look at the CMS of their websites if one of their users is in the list). You could be in for a lot of trouble if some-one else infects it, uses it to attack another site or just downloads all the data on it

some securitypeople in Belgium and France will have a lot of work these days .... but if they follow the best practices they should be able to tell their CIO's that today or tomorrow everything is checked and changed or blocked awaiting results of the analysis.

if you didn't have received the client list for your network than you should complain to easypay or cert.be 

The comments are closed.